Take a look at our
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message

Major Linux security hole gapes open

Linux on ThinkPads
Post Reply
Message
Author
RealBlackStuff
Admin Emeritus
Admin Emeritus
Posts: 23812
Joined: Mon Sep 18, 2006 5:17 am
Location: Loch Garman, Éire

Major Linux security hole gapes open

#1 Post by RealBlackStuff » Wed Nov 16, 2016 8:13 am


unix_joe
Junior Member
Junior Member
Posts: 353
Joined: Mon Jan 03, 2011 9:08 pm
Location: Pinehurst, NC
Contact:

Re: Major Linux security hole gapes open

#2 Post by unix_joe » Sun Nov 27, 2016 10:59 pm

That unencrypted /boot partition rears its ugly head again.

Last year you just had to hit backspace exactly 28 times and it would drop you to a shell.

Sometimes I wonder if these backdoors to /boot are intentional.
unix_joe
Me: ThinkPad Z13 - Debian Stable KDE
Wife: ThinkPad Z16 - Pop!_OS
Kids: ThinkPad X280 - Debian Stable Gnome
TV: ThinkPad P14s - Debian Stable

ZaZ
Moderator
Moderator
Posts: 4698
Joined: Fri May 13, 2005 1:33 pm
Location: Minnesota

Re: Major Linux security hole gapes open

#3 Post by ZaZ » Mon Nov 28, 2016 3:12 pm

jdk wrote:Sometimes I wonder if these backdoors to /boot are intentional.
You've got to remember the number of people writing the code is dwarfed by the number of people looking for vulnerabilities.
ThinkPad L14 - 2.1GHz Ryzen 4650U | 16GB | 256GB | 14" FHD | Win11P
ProBook 470 G5 - 1.6GHz Core i5 | 16GB | 2.2TB | 17" FHD | Mint

evening_hunger
Junior Member
Junior Member
Posts: 303
Joined: Thu Nov 26, 2015 2:55 pm
Location: Normandy, France

Re: Major Linux security hole gapes open

#4 Post by evening_hunger » Mon Nov 28, 2016 5:27 pm

I might be wrong but I think if you have entire filesystem encrypted, having acces to /boot (even root acces) doesn't give you any way to get to files. Not even root can decrypt without the key/password, which is not hashed anywhere.
T14amdR7-4750U/32GB/500gb.ssd/debian_testing (main driver)
X320/i7-2620M/8GB/256gb.ssd/FHD13.3''IPS/debian_testing (ex-main driver)
T30Pentium-M 4 1.8Ghz 512MB RAM - under restoration
X230/i5/8GB/500gb.hdd+256gb.m2ssd/IPS/debian_stable+win7
755CE, 486DX, approx 28MB RAM (Win95 JP)

unix_joe
Junior Member
Junior Member
Posts: 353
Joined: Mon Jan 03, 2011 9:08 pm
Location: Pinehurst, NC
Contact:

Re: Major Linux security hole gapes open

#5 Post by unix_joe » Tue Nov 29, 2016 7:08 am

evening_hunger wrote:I might be wrong but I think if you have entire filesystem encrypted, having acces to /boot (even root acces) doesn't give you any way to get to files. Not even root can decrypt without the key/password, which is not hashed anywhere.
Yeah, true FDE has been possible for at least 2 years with grub2, but none of the installers have been updated to make it easy to set up.

With OpenBSD, it's literally one bioctl command prior to installation.
unix_joe
Me: ThinkPad Z13 - Debian Stable KDE
Wife: ThinkPad Z16 - Pop!_OS
Kids: ThinkPad X280 - Debian Stable Gnome
TV: ThinkPad P14s - Debian Stable

evening_hunger
Junior Member
Junior Member
Posts: 303
Joined: Thu Nov 26, 2015 2:55 pm
Location: Normandy, France

Re: Major Linux security hole gapes open

#6 Post by evening_hunger » Tue Nov 29, 2016 11:23 am

I consider myself relatively dumb, but was able to do this when installing my Debian 2 years ago. So not that tragic after all:)
T14amdR7-4750U/32GB/500gb.ssd/debian_testing (main driver)
X320/i7-2620M/8GB/256gb.ssd/FHD13.3''IPS/debian_testing (ex-main driver)
T30Pentium-M 4 1.8Ghz 512MB RAM - under restoration
X230/i5/8GB/500gb.hdd+256gb.m2ssd/IPS/debian_stable+win7
755CE, 486DX, approx 28MB RAM (Win95 JP)

jaspen-meyer
Senior Member
Senior Member
Posts: 837
Joined: Wed May 19, 2010 11:21 pm
Location: Pardubice, Czech Republic
Contact:

Re: Major Linux security hole gapes open

#7 Post by jaspen-meyer » Fri Dec 02, 2016 5:06 am

ZaZ wrote:
jdk wrote:Sometimes I wonder if these backdoors to /boot are intentional.
You've got to remember the number of people writing the code is dwarfed by the number of people looking for vulnerabilities.
It's much easier to hide the treasure chest than than to find it.
T420 i7 3612QM seabios; T420 i7 3630QM; T400 Q9100 seabios; T61 P9600; T60 libreboot; x62; x60s libreboot, led; x24 xiphmont led

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Linux Questions”

Who is online

Users browsing this forum: No registered users and 31 guests